AMENDMENT UNDER 37 CFR 1.111 
U.S. Appln. No. 10/088,399 



AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions and listings of claims in the 

application: 

LISTING OF CLAIMS: 

1 . (Currently Amended): A method for presorting a plurality of rules for filtering a packet in 
network, the method comprising the steps of: 

(a) selecting a characteristic for sorting the plurality of rules , wherein said characteristic 

is at least one of a source address and a destination address ; 

(b) associating each rule with at least one of a plurality of values for said characteristic; 

presorting at a network security filter the plurality of rules according to each value for said 

characteristic; 

(e) receiving the packet at the network security filter ; 

(4) analyzing information in the packet to retrieve from the received packet one of said 

values; 

(e) selecting at least one of the presorted plurality of rules according to said one value 

retrieved from the received packet, wherein the selected rule is associated with said one value; and 

(f) applying said selected rule to the received packet, such that the received packet is 

permitted to enter the network or alternatively is dropped in accordance with the selected rule. 

2. (Canceled). 

3. (Canceled). 
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4. (Currently Amended): The method of claim 3J_, wherein said characteristic is a combination of 
said source address of the packet and said destination address of the packet. 

5. (Currently Amended): The method of claim 3-1, wherein a user is associated with each value 
such that step (b) further comprises the steps of: 

(i) assigning at least one privilege to said user; and 

(ii) determining whether to associate each rule with said value according to said at least 
one privilege. 

6. (Previously Presented): The method of claim 5, wherein said assigning at least one privilege to 
said user further comprises determining a user profile of associated rules according to said at least 
one privilege. 

7. (Original): The method of claim 6, wherein said user profile is further associated with a group 
profile, such that a plurality of values for said characteristic is associated with said associated rules 
of said group profile. 

8. (Currently Amended): An apparatus for presorting a plurality of rules for filtering a packet in 
network, wherein a characteristic for sorting the plurality of rules is at least one of a source address 
and a destination address s e lect e d , said characteristic has a plurality of possible values, and each 
rule is associated with at least one value for said characteristic, the apparatus comprising: 

a software module for performing the operations of: 

presorting at a network security filter the plurality of rules according to each value for said 
characteristic; 
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analyzing information in a packet received at the network security filter to retrieve from the 
packet a value for said characteristic; 

selecting at least one of the presorted plurality of rules according to said value retrieved 
from the packet, wherein the selected rule is associated with said value; and 

applying said selected rule to the packet, such that the packet is permitted to enter the 
network or alternatively is dropped in accordance with the selected rule. 

9. (Canceled). 

10. (Canceled). 

1 1 . (Currently Amended): The apparatus of claim 4-08, wherein said characteristic is a 
combination of said source address of the packet and said destination address of the packet. 

12. (Currently Amended): The apparatus of claim 408, wherein a user is associated with each 
value of said characteristic, such that software module further performs the operations of: 

(i) assigning at least one privilege to said user; and 

(ii) determining whether to associate each rule with said value according to said at least 
one privilege. 

13. (Previously Presented): The apparatus of claim 12, wherein said software module further 
performs the operations of: determining a user profile of associated rules according to said at least 
one privilege. 
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14. (Previously Presented): The apparatus of claim 13, wherein said user profile is further 
associated with a group profile, such that a plurality of values for said characteristic is associated 
with said associated rules of said group profile. 

15. (Currently Amended): A computer program product comprising: 

a computer usable medium having computer readable code embodied therein for 
presorting a plurality of rules for filtering a packet received at are network security filter , the 
computer program product comprising computer readable program code for performing the 
operations of: 

(a) selecting a characteristic for sorting the plurality of rules, said characteristic having a 

plurality of possible values , wherein said characteristic is at least one of a source address and a 
destination address ; 

(b) associating each rule with at least one value for said characteristic; 

presorting at a network security filter the plurality of rules according to each value for said 
characteristic; 

(e) analyzing information in athe r e c e iv e d packet received at a network security filter to 

retrieve said value from a-the r e ceiv e d packet; 

(d) selecting at least one of the presorted p lurality of rules according to said value 

retrieved from the received packet, wherein the selected rule is associated with said value; and 

(e) applying said selected rule to the received packet, such that the received packet is 

permitted to enter the network or alternatively is dropped in accordance with said selected rule. 

16-18. (Cancelled). 
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19. (Currently Amended): The computer readable program product of claim 15, wherein said 
characteristic is a combination of a-the source address of the packet and a-the destination address of 
the packet. 

20. (Previously Presented): The computer readable program product of claim 15, wherein a user is 
associated with each value of said characteristic, such that said computer readable program code 
further comprising the operations of: 

(i) assigning at least one privilege to said user; and 

(ii) determining whether to associate each rule with said value of said characteristic 
according to said at least one privilege. 
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